26 Oct
2006
26 Oct
'06
5:45 a.m.
On Thursday 26 October 2006 03:49, Hai Zaar wrote:
Dear list!
Is there any way to specify sasl-secprops separately for each transport type? For ldapi:/// is want "sasl-secprops noanonymous,noplain", and "sasl-secprops noanonymous,noplain,noactive" for the rest.
The idea is to require SASL GSSAPI for everyone with only exception for clients connecting via ldapi (like heimdal KDC) - they need SASL EXTERNAL.
Why don't you just remove the SASL mechanisms you don't want? The SASL/EXTERNAL will always be there but the others are just shared libraries which live in /usr/lib/sasl2 or something similar (at least on my system). The slapd won't offer any mechanism which isn't installed.
Karsten.